diff --git a/TODO b/TODO
index 33c7a3a..28997a5 100755
--- a/TODO
+++ b/TODO
@@ -1,7 +1,9 @@
 * Don't cache the username
 * JSON output => do index view
 * API
-* Reattribute all invoices / paybacks to unknown user when deleting a user
+* Reattribute all invoices / paybacks to unknown user when deleting a user ?
+* Check that all is ok when deleting an invoice
+* Use PHP constant in tpl instead of variables
 * User groups
 * cf TODO in files
diff --git a/inc/Paybacks.class.php b/inc/Paybacks.class.php
index 146cab8..7c4ebdd 100644
--- a/inc/Paybacks.class.php
+++ b/inc/Paybacks.class.php
@@ -3,7 +3,7 @@
 require_once('Storage.class.php');
 class Payback extends Storage {
- protected $id = 0, $date, $invoice_id, $amount, $from, $to;
+ protected $id = 0, $date, $invoice_id, $amount, $from_user, $to_user;
 protected $TABLE_NAME = "Paybacks";
 protected $fields = array(
 'id'=>'key',
@@ -41,11 +41,11 @@
 }
 public function getFrom() {
- return (int) $this->from;
+ return (int) $this->from_user;
 }
 public function getTo() {
- return (int) $this->to;
+ return (int) $this->to_user;
 }
 // Setters
@@ -70,11 +70,11 @@
 }
 public function setFrom($from) {
- $this->from = (int) $from;
+ $this->from_user = (int) $from;
 }
 public function setTo($to) {
- $this->to = (int) $to;
+ $this->to_user = (int) $to;
 }
 // Restores object from array
@@ -87,8 +87,8 @@
 $this->setId($data['id']);
 $this->setInvoice($data['invoice_id']);
 $this->setAmount($data['amount']);
- $this->setFrom($data['from']);
- $this->setTo($data['to']);
+ $this->setFrom($data['from_user']);
+ $this->setTo($data['to_user']);
 $this->date = DateTime::createFromFormat('Y-m-d H:i:s', $data['date']);
 }
@@ -100,7 +100,9 @@
 $this->id = (int) $this->id;
 $this->invoice_id = (int) $this->invoice_id;
 $this->amount = (float) $this->amount;
- $this->from = (int) $this->from;
- $this->to = (int) $this->to;
+ $this->from = (int) $this->from_user;
+ $this->to = (int) $this->to_user;
+
+ return $this;
 }
 }
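Review bot: In the last inc/Paybacks.class.php hunk (`@@ -100,7 +100,9 @@`) the two changed lines still assign to `$this->from` and `$this->to`, which the first hunk removes from the property list, so `from_user` and `to_user` are left uncast and two undeclared properties are created instead. The lines should read `$this->from_user = (int) $this->from_user;` and `$this->to_user = (int) $this->to_user;`. The method's signature is outside the hunk; if it is the type-normalisation step run before the object is stored, the two user ids currently skip it. File lines 10–40, which hold the rest of the `$fields` map, are untouched by this commit, so it is worth confirming that map already uses the `from_user` / `to_user` names.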
diff --git a/inc/UsersIn.class.php b/inc/UsersIn.class.php
index 0a85bbf..10cb347 100644
--- a/inc/UsersIn.class.php
+++ b/inc/UsersIn.class.php
@@ -34,6 +34,12 @@
 }
 public function set($users_in) {
+ foreach($users_in as $user=>$guest) {
+ if($guest < 0)
+ $users_in[$user] = 0;
+ else
+ $users_in[$user] = (int) $guest;
+ }
 $this->users_list = $users_in;
 }
diff --git a/index.php b/index.php
index 72da9df..929b32f 100644
--- a/index.php
+++ b/index.php
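Review bot: In `set()` of inc/UsersIn.class.php the range test `$guest < 0` runs before the cast, so it is evaluated on whatever type the caller passed, and the array keys (`$user`) are stored exactly as supplied. Casting first makes the clamp unambiguous: `$users_in[$user] = max(0, (int) $guest);` can replace the four-line if/else. If `$users_in` originates from a form (the caller is not part of this diff), the keys deserve an integer cast or a check against known user ids as well. A one-line comment above the loop stating that guest counts are clamped to non-negative integers would document the intent.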
@@ -474,10 +474,84 @@
 }
 break;
+ case 'confirm_payback':
+ if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id'])) {
+ if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
+ $invoice = new Invoice();
+ $invoice = $invoice->load(array('id'=>(int) $_GET['invoice_id']), true);
+
+ $payback = new Payback();
+
+ if(!empty($_GET['payback_id'])) {
+ $payback = $payback->load(array('id'=>(int) $_GET['payback_id']), true);
+
+ if($payback->getFrom() != $_GET['from'] || $payback->getTo() != $_GET['to']) {
+ $payback = new Payback();
+ }
+ }
+
+ $payback->setDate(date('i'), date('G'), date('j'), date('n'), date('Y'));
+ $payback->setInvoice($_GET['invoice_id']);
+ $payback->setAmount($invoice->getAmount());
+ $payback->setFrom($_GET['from']);
+ $payback->setTo($_GET['to']);
+
+ $payback->save();
+
+ // Clear the cache
+ $tmp_files = glob(raintpl::$cache_dir."*.rtpl.php");
+ if(is_array($tmp_files)) {
+ array_map("unlink", $tmp_files);
+ }
+
+ header('location: index.php');
+ exit();
+
+ }
+ else {
+ $tpl->assign('error', $errors['unauthorized']);
+ $tpl->draw('index');
+ }
+ }
+ else {
+ header('location: index.php?'.$get_redir);
+ }
+ break;
+
+ case 'delete_payback':
+ if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id'])) {
+ if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
+ $paybacks = new Payback();
+
+ $paybacks = $paybacks->load(array('to_user'=>(int) $_GET['to'], 'from_user'=> (int) $_GET['from'], 'invoice_id'=> (int) $_GET['invoice_id']));
+
+ foreach($paybacks as $payback) {
+ $payback->delete();
+ }
+
+ // Clear the cache
+ $tmp_files = glob(raintpl::$cache_dir."*.rtpl.php");
+ if(is_array($tmp_files)) {
+ array_map("unlink", $tmp_files);
+ }
+
+ header('location: index.php');
+ exit();
+ }
+ else {
+ $tpl->assign('error', $errors['unauthorized']);
+ $tpl->draw('index');
+ }
+ }
+ else {
+ header('location: index.php');
+ exit();
+ }
+
+
 default:
- $use_cache = false; //
Display cached page in priority
- if($use_cache && $cache = $tpl->cache('index', $expire_time = 600, $cache_id = $current_user->getLogin())) {
+ if($cache = $tpl->cache('index', $expire_time = 600, $cache_id = $current_user->getLogin())) {
 echo $cache;
 }
 else {
@@ -492,7 +566,7 @@
 $paybacks = array();
 foreach($invoices_list as $invoice) {
 $paybacks[$invoice->getId()] = new Payback();
- $paybacks[$invoice->getId()] = $paybacks[$invoice->getId()]->load(array('invoice_id'=>$invoice->getId()));
+ $paybacks[$invoice->getId()] = $paybacks[$invoice->getId()]->load(array('invoice_id'=>$invoice->getId()), false, 'from_user');
 }
 $tpl->assign('users', secureDisplay($users_list));
diff --git a/tpl/default_en/header.html b/tpl/default_en/header.html
index a02008b..0c838dc 100755
--- a/tpl/default_en/header.html
+++ b/tpl/default_en/header.html
@@ -14,12 +14,12 @@
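Review bot: The new `confirm_payback` and `delete_payback` cases in index.php (`@@ -474,10 +474,84 @@`) change stored data on a plain GET request, and nothing in the hunk verifies a per-session token, so any page a logged-in user loads could trigger a confirmation or deletion in their name; both actions should move to POST and check an anti-CSRF token before `save()` / `delete()`. The authorisation test only compares `$_GET['to']` with the current user's id: the loaded `$invoice` is never checked for existence or for actually involving `from` and `to`, and the payback loaded by `payback_id` is dereferenced without a check and is not tied to `invoice_id` (what `load()` returns on a miss is not visible here). In `delete_payback` the unauthorised branch has neither `exit()` nor `break;`, so after drawing the error page execution falls through into `default:`; add `break;` before `default:`. The switch begins and ends outside this hunk.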
{if condition="$current_user->getAdmin() == 1"}